Shibboleth is an open-source identity federation solution that’s used in research and education communities worldwide.
Basically is a federating agent that consists of 2 components:
1- Service Provider (SP) which request attributes, represented in this implementation als storage.luckycloud.de using Apache2-mod-shib 2- Identity Provider(IDP) which broadcasts attributes, and will be implemented in the Login-logic of the site
Now the SP is actually out-of-the-box with apache2 module mod-shib. But my interest here is to do the Identity Provider part als Symfony module.
UPDATE: The Shibboleth take on this was deprecated and we installed with Luc an SSO-version since Seafile now support OAUTH2 authentication. The changes are already implemented and tested on live:
Because of security I cannot give any details of this implementation I would like to comment that is working without issues since day zero and it’s saving a lot of time preventing double login and I hope enhancing user experience.